You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/04/26 11:52:33 UTC
svn commit: r1330736 - in
/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter:
AbstractServiceProviderFilter.java Messages.properties
Author: sergeyb
Date: Thu Apr 26 09:52:33 2012
New Revision: 1330736
URL: http://svn.apache.org/viewvc?rev=1330736&view=rev
Log:
Support for relative RequestAssertionConsumerService URIs
Added:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties (with props)
Modified:
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/AbstractServiceProviderFilter.java
Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/AbstractServiceProviderFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/AbstractServiceProviderFilter.java?rev=1330736&r1=1330735&r2=1330736&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/AbstractServiceProviderFilter.java (original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/AbstractServiceProviderFilter.java Thu Apr 26 09:52:33 2012
@@ -21,10 +21,17 @@ package org.apache.cxf.rs.security.saml.
import java.io.IOException;
import java.net.URLEncoder;
import java.util.Collections;
+import java.util.ResourceBundle;
+import java.util.logging.Logger;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.UriBuilder;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.apache.cxf.common.i18n.BundleUtils;
+import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.jaxrs.ext.RequestHandler;
@@ -45,24 +52,24 @@ public abstract class AbstractServicePro
protected static final String SAML_REQUEST = "SAMLRequest";
protected static final String RELAY_STATE = "RelayState";
+ protected static final Logger LOG =
+ LogUtils.getL7dLogger(AbstractServiceProviderFilter.class);
+ protected static final ResourceBundle BUNDLE =
+ BundleUtils.getBundle(AbstractServiceProviderFilter.class);
private String idpServiceAddress;
private String issuerId;
private String assertionConsumerServiceAddress;
- public String getAssertionConsumerServiceAddress() {
- return assertionConsumerServiceAddress;
- }
-
public void setAssertionConsumerServiceAddress(
String assertionConsumerServiceAddress) {
this.assertionConsumerServiceAddress = assertionConsumerServiceAddress;
}
- protected boolean checkSecurityContext(Message m) {
- return false;
+ public void setIssuerId(String issuerId) {
+ this.issuerId = issuerId;
}
-
+
public void setIdpServiceAddress(String idpServiceAddress) {
this.idpServiceAddress = idpServiceAddress;
}
@@ -71,6 +78,10 @@ public abstract class AbstractServicePro
return idpServiceAddress;
}
+ protected boolean checkSecurityContext(Message m) {
+ return false;
+ }
+
protected AuthnRequest createAuthnRequest(Message m, Document doc) throws Exception {
Issuer issuer =
SamlpRequestComponentBuilder.createIssuer(issuerId);
@@ -91,7 +102,7 @@ public abstract class AbstractServicePro
//CHECKSTYLE:OFF
return SamlpRequestComponentBuilder.createAuthnRequest(
- assertionConsumerServiceAddress,
+ getAbsoluteAssertionServiceAddress(m),
false,
false,
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
@@ -130,7 +141,27 @@ public abstract class AbstractServicePro
return info;
}
- public void setIssuerId(String issuerId) {
- this.issuerId = issuerId;
+ private String getAbsoluteAssertionServiceAddress(Message m) {
+ if (assertionConsumerServiceAddress == null) {
+ //TODO: Review the possibility of using this filter
+ //for validating SAMLResponse too
+ reportError("MISSING_ASSERTION_SERVICE_URL");
+ throw new WebApplicationException(500);
+ }
+ if (!assertionConsumerServiceAddress.startsWith("http")) {
+ String httpBasePath = (String)m.get("http.base.path");
+ return UriBuilder.fromUri(httpBasePath)
+ .path(assertionConsumerServiceAddress)
+ .build()
+ .toString();
+ } else {
+ return assertionConsumerServiceAddress;
+ }
+ }
+
+ protected void reportError(String code) {
+ org.apache.cxf.common.i18n.Message errorMsg =
+ new org.apache.cxf.common.i18n.Message(code, BUNDLE);
+ LOG.warning(errorMsg.toString());
}
}
Added: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties?rev=1330736&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties (added)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties Thu Apr 26 09:52:33 2012
@@ -0,0 +1,21 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+MISSING_ASSERTION_SERVICE_URL=RequestAssertionConsumerService URI is not set
Propchange: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/Messages.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain